By default, all TLS versions are supported on devices that act as an HTTPS server.
For devices that act as an SSL server or HTTPS server, the default connection is with TLS 1.2. For devices that act as an SSL client or syslog, OpenFlow, or secure AAA client, during session negotiation, the TLS version is decided based on the server support.
You can configure the minimum TLS version on NetIron devices using the ip ssl server min-version { 1 | 2 } command.
The following cipher suites are allowed in FIPS mode:
The cipher suite is the default cipher suite.